Comments on: Programming SSL for Jetty based CXF services http://aruld.info/programming-ssl-for-jetty-based-cxf-services/ Life, Technology and More Wed, 10 Mar 2010 09:44:45 +0000 http://wordpress.org/?v=2.2.2 By: Armin http://aruld.info/programming-ssl-for-jetty-based-cxf-services/#comment-3883 Armin Fri, 05 Jun 2009 17:00:43 +0000 http://aruld.info/programming-ssl-for-jetty-based-cxf-services/#comment-3883 Thanks for the useful information, I haven't run the sample but I needed some info on this subject and now I have it. Thanks for the useful information, I haven’t run the sample but I needed some info on this subject and now I have it.

]]> By: Arul http://aruld.info/programming-ssl-for-jetty-based-cxf-services/#comment-3873 Arul Thu, 07 May 2009 19:55:47 +0000 http://aruld.info/programming-ssl-for-jetty-based-cxf-services/#comment-3873 Awesome. I am glad you were able to resolve it. -Arul Awesome. I am glad you were able to resolve it.

-Arul

]]> By: paulbrickell http://aruld.info/programming-ssl-for-jetty-based-cxf-services/#comment-3872 paulbrickell Thu, 07 May 2009 14:07:05 +0000 http://aruld.info/programming-ssl-for-jetty-based-cxf-services/#comment-3872 Ref my own post at May 7th, 2009 at 7:37 am. I got this error even after importing all the certificates explicitly. But After a restart of firefox I got a warning about low grade security, clicked OK and the page did load. Ref my own post at May 7th, 2009 at 7:37 am.

I got this error even after importing all the certificates explicitly.

But After a restart of firefox I got a warning about low grade security, clicked OK and the page did load.

]]> By: paulbrickell http://aruld.info/programming-ssl-for-jetty-based-cxf-services/#comment-3871 paulbrickell Thu, 07 May 2009 13:37:58 +0000 http://aruld.info/programming-ssl-for-jetty-based-cxf-services/#comment-3871 If I try to access the url with firefox I get an error page with... Peer's certificate has an invalid signature. Error code: sec_error_bad_signature On the server I get... WARNING: EXCEPTION javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150) at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:117) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1650) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:925) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1089) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1116) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1100) at org.mortbay.jetty.security.SslSocketConnector$SslConnection.run(SslSocketConnector.java:615) at org.mortbay.thread.BoundedThreadPool$PoolThread.run(BoundedThreadPool.java:450) Any ideas? BTW thanks for the blog. If I try to access the url with firefox I get an error page with…

Peer’s certificate has an invalid signature.

Error code: sec_error_bad_signature

On the server I get…

WARNING: EXCEPTION
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150)
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:117)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1650)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:925)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1089)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1116)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1100)
at org.mortbay.jetty.security.SslSocketConnector$SslConnection.run(SslSocketConnector.java:615)
at org.mortbay.thread.BoundedThreadPool$PoolThread.run(BoundedThreadPool.java:450)

Any ideas?

BTW thanks for the blog.

]]> By: Arul http://aruld.info/programming-ssl-for-jetty-based-cxf-services/#comment-3858 Arul Wed, 01 Apr 2009 03:36:44 +0000 http://aruld.info/programming-ssl-for-jetty-based-cxf-services/#comment-3858 Jasser, I am glad this entry was useful to you. -Arul Jasser,

I am glad this entry was useful to you.

-Arul

]]> By: jasser http://aruld.info/programming-ssl-for-jetty-based-cxf-services/#comment-3856 jasser Mon, 30 Mar 2009 09:57:57 +0000 http://aruld.info/programming-ssl-for-jetty-based-cxf-services/#comment-3856 Thanks a lot for sharing Java API for SSL ws configuration. Thanks a lot for sharing Java API for SSL ws configuration.

]]> By: Arul http://aruld.info/programming-ssl-for-jetty-based-cxf-services/#comment-3854 Arul Sat, 28 Feb 2009 23:41:10 +0000 http://aruld.info/programming-ssl-for-jetty-based-cxf-services/#comment-3854 Ashish, I used the certificates distributed with the wsdl_first_https CXF sample. This sample also ships a script (gencerts.sh) which does this for you. You can access the script from SVN here: http://svn.apache.org/repos/asf/cxf/tags/cxf-2.1.4/distribution/src/main/release/samples/wsdl_first_https/bin/gencerts.sh -Arul Ashish,

I used the certificates distributed with the wsdl_first_https CXF sample. This sample also ships a script (gencerts.sh) which does this for you. You can access the script from SVN here: http://svn.apache.org/repos/asf/cxf/tags/cxf-2.1.4/distribution/src/main/release/samples/wsdl_first_https/bin/gencerts.sh

-Arul

]]> By: Ashish http://aruld.info/programming-ssl-for-jetty-based-cxf-services/#comment-3853 Ashish Fri, 27 Feb 2009 09:20:08 +0000 http://aruld.info/programming-ssl-for-jetty-based-cxf-services/#comment-3853 Arul, Can you also tell us, how to generate the certificates used with this article Arul,

Can you also tell us, how to generate the certificates used with this article

]]> By: Arul http://aruld.info/programming-ssl-for-jetty-based-cxf-services/#comment-3850 Arul Wed, 11 Feb 2009 04:29:03 +0000 http://aruld.info/programming-ssl-for-jetty-based-cxf-services/#comment-3850 The certificate locations were hard coded in the Server and Client code attached in this blog entry. Make sure you change it to your CXF sample certificates location (For ex: C:\CXF\apache-cxf-2.1.1\samples\wsdl_first_https\certs on windows). Let me know if you are still facing this issue. -Arul The certificate locations were hard coded in the Server and Client code attached in this blog entry. Make sure you change it to your CXF sample certificates location (For ex: C:\CXF\apache-cxf-2.1.1\samples\wsdl_first_https\certs on windows).

Let me know if you are still facing this issue.

-Arul

]]> By: nocturne http://aruld.info/programming-ssl-for-jetty-based-cxf-services/#comment-3849 nocturne Tue, 10 Feb 2009 10:12:19 +0000 http://aruld.info/programming-ssl-for-jetty-based-cxf-services/#comment-3849 I run all your code but I still get the port mismatch error code. in this code " JettyHTTPServerEngineFactory factory = new JettyHTTPServerEngineFactory(); factory.setTLSServerParametersForPort(port, tlsParams); " is the factory is doing something to JaxWsServerFactoryBean sf input in configureSSLOnTheServer method regards, is there something to do with Ser I run all your code but I still get the port mismatch error code.

in this code

JettyHTTPServerEngineFactory factory = new JettyHTTPServerEngineFactory();
factory.setTLSServerParametersForPort(port, tlsParams);

is the factory is doing something to JaxWsServerFactoryBean sf input in configureSSLOnTheServer method

regards,
is there something to do with Ser

]]>